A simple spam filter for sNews CMS

A simple spam filter for sNews CMS

April, what a month this has been thus far, I'm finally done with jury duty after 2 weeks! I've been so busy with that and trying to stay on top of my other work, that I haven't had hardly a minute to enjoy myself or work on any of my sNews projects, until today that is.

Recently I mentioned I was working on a function to filter out all that garbage link spam, well, I have had a basic version running on my sNews site here for a while, so I've cleaned it up and am releasing it here for public use.

What does this function do? Well, two things right now... when you pass a comment to it, it will;

  • Check for linkspam, if someone has tried to insert more than 2 links, it will flag it as possible spam.
  • Check for clusters of consonants, i.e. "garbage words". This is sort of English-language centric, but all the sNews spam I've seen is English, so I think it should work well for others as it's working wonderful for me thus far.

This function doesn't modify the comments in any way, rather it identifies if it is possibly spam and allows you to send that comment to moderation while allowing others to post directly. By no means a foolproof method, but in conjunction with my image / match hybrid captcha mod, it can severely limit the impact of bot spam on your sNews install.

This means spam like this one will be sent straight to moderation;

motORE izkpclcuguab, [url=http://krjyaebubfcw.com/]krjyaebubfcw[/url], [link=http://babukwwpyzwx.com/]babukwwpyzwx[/link], http://tpgdyvvxhdqf.com/

If you get spam like that and want to stop having it posted right away, try this out.

1. To get started, as usual, BACK-UP your snews.php file and work off a copy, now insert the new function mayBeSpam at the end of your snews.php file above the closing php tag;

function mayBeSpam($comment) {
    if (_ADMIN) { // user is the admin, not spam
        return false; 
    if (preg_match_all('/((http)+(s)?:(\/\/)|(www\.))/i',$comment,$matches) > '2') { // more than 2 links inserted, likely spam
        return true;
    if (preg_match_all('/[bcdfghjklmnpqrstvwxz]{5,}/i',$comment,$matches) > '0') { // big consonant clusters indicate likely garbage words
        return true;

2. Now find the function comment and within it, find the following line and add the highlighted code below it;

$approved = s('approve_comments') != 'on'|| _ADMIN ? 'True' : '';
if (mayBeSpam($comment) == 'true') {
    $approved = '';
    $send_to_moderation = '1';

3. Still within the function comment, find the following line;

$commentStatus = s('approve_comments') == 'on' && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');

and change it to;

$commentStatus = (s('approve_comments') == 'on' || $send_to_moderation === '1') && !_ADMIN ? l('comment_sent_approve') : l('comment_sent');

4. Now find the bit containing the comment email notification and modify the second line to reflect the highlighted changes below;

if (s('mail_on_comments') == 'on' && !_ADMIN) {
    if (s('approve_comments') == 'on' || $send_to_moderation == '1') {

That's it, now upload your modified snews.php file and if you allow comments without moderation, it will automatically send comments with 2 or more links or the "garbage words" to the moderation queue.

As of right now, the spam check function is very basic, but the reason I wrapped it in a separate function is so anyone can extend it by adding their own checks in there, i.e. if you get a lot of spam comments containing the words "viagra" or "credit report", you can add a check to send comments containing a threshold of those keywords to moderation instead of directly posting them.



You might like


I have jury duty last year first time in my life .. duty is duty ..two weeks you stayed? Man that is long time...? What happend?

Well, here in Massachusetts it's either 1 trial or 1 day, I just got unlucky and got picked to sit on a jury on a trial that ended up taking 2 weeks.

This is the 3rd or 4th time I've been called, but the first time I've been picked.

Thanks a lot Matt. It's working great.

Sory Matt your comment and my got delited buy Joost from forum....Now i m going to be back on snews forum more then ever..I just waiting to buy me new pc and we going to Rock forum and snews :)...One more time sory Joost delieted all post and i just want to say final hello to my friends..That is not right...Life goes on ..All see you in forum he cant ban me from forum ....I like your site and i like your MODs...I wisit your site couple times in week...Keep up great work Matt....

Thanks Matt.
Added and working great.

Hi Matt!!! Hey can you make MOD for email form to be independent from core file..Let says i want to use email form on my front page and i use code and email is show up on front page...I want to see email form totally controlled by user not by snews....I hope this help and i think this is big flaws for snews....thx

Hi Sasha,

You shouldn't really need a mod for that, you could probably just copy the form code from the contact page and edit it the way you like, then place it anywhere you like, because when sNews detects the $_POST['contactform'] variable it runs through the function at that point.

Comments are closed. No new comments allowed.

Copyleft 2002 - 2017 Matt Jones
Hand crafted with HTML5 & CSS3
↑ Back to top